Page 46 / 127 Scroll up to view Page 41 - 45
Archer
D5
AC1200 Wireless Dual Band Gigabit ADSL2+ Modem Router User Guide
35
L2TP Pass-through:
L2TP (Layer Two Tunneling Protocol) is the method used to
enable Point-to-Point sessions via the Internet on the Layer Two level. To allow L2TP
tunnels to pass through the modem router, click
Enable
.
IPSec Pass-through:
IPSec (Internet Protocol security) is a suite of protocols for
ensuring private, secure communications over Internet Protocol (IP) networks, through
the use of cryptographic security services. To allow IPSec tunnels to pass through the
modem router, click
Enable
.
Application Layer Gateway (ALG):
It is recommended to enable ALG (Application Layer
Gateway) because ALG allows customized Network Address Translation (NAT) traversal
filters to be plugged into the gateway to support address and port translation for certain
application layer "control/data" protocols such as FTP, TFTP etc.
FTP ALG:
To allow FTP clients and servers to transfer data across NAT, click
Enable
.
TFTP ALG:
To allow TFTP clients and servers to transfer data across NAT, click
Enable
.
H323 ALG:
To allow H323 clients and servers to transfer data across NAT, click
Enable
.
SIP ALG:
To allow SIP clients and servers to transfer data across NAT, click
Enable
.
Click the
Save
button to save your settings.
4.5.7
DSL Settings
Choose “
Advanced Setup
DSL Settings
”, you can select the DSL Modulation Type and the
Annex Type in the next screen. The DSL settings can be changed when you meet the physical
connection problem. Please check the proper settings with your Internet service provider.
Figure 4-20
DSL Modulation Type:
Select the DSL operation Modulation Type which your DSL
connection uses.
Annex Type:
Select the DSL operation Annex Type which your DSL connection uses.
Click the
Save
button to save your settings.
4.5.8
IPSec VPN
Choose “
Network
IPSec VPN
”, you can Add/Remove or Enable/Disable the IPSec tunnel
connections on the screen as shown in Figure 4-21.
Page 47 / 127
Archer
D5
AC1200 Wireless Dual Band Gigabit ADSL2+ Modem Router User Guide
36
Figure 4-21
This section will guide you to configure a VPN tunnel between two Archer D5s. The topology is as
follows.
Archer D5
Archer D5
Note:
You could also use other VPN Routers to set VPN tunnels with Archer
D5
. Archer
D5
supports up
to 10 VPN tunnels simultaneously.
Click
Add New Connection
in Figure 4-21 and then you will enter the screen shown in Figure
4-22.
Page 48 / 127
Archer
D5
AC1200 Wireless Dual Band Gigabit ADSL2+ Modem Router User Guide
37
Figure 4-22
IPSec Connection Name:
Enter a name for your VPN.
Remote IPSec Gateway Address (URL):
Enter the destination gateway IP address which is
the public WAN IP or Domain Name of the remote VPN server endpoint. (For example: Input
219.134.112.247
in
Device1
, Input
219.134.112.246
in
Device 2
)
Tunnel access from local IP addresses:
Choose Subnet if you want the Whole LAN to join
the VPN network, or else choose Single Address if you want single IP to join the VPN network.
IP Address for VPN:
Enter the IP address of your LAN. (For example: Input
192.168.1.1
in
Device1
, Input
192.168.2.1
in
Device2
)
IP Subnetmask:
Enter the Subnet mask of your LAN. ( For example: Input
255.255.255.0
in
both
Device1
and
Device2
)
Tunnel access from remote IP addresses:
Choose Subnet if you want the Remote Whole
LAN to join the VPN network, or else choose Single Address if you want single IP to join the
VPN network.
IP Address for VPN:
Enter the IP address of the Remote LAN. ( For example: Input
192.168.2.1
in
Device1
,Input
192.168.1.1
in
Device2
)
IP Subnetmask:
Enter the subnetmask of the remote LAN. ( For example: Input
255.255.255.0
in both
Device1
and
Device2
)
Key Exchange Method:
Select
Auto (IKE)
or
Manual
.
Authentication Method:
Select
Pre-Shared Key
(recommended).
Pre-Shared Key:
Input the Pre-Shared key for Authentication. (For example: Input 12345678)
Perfect Forward Secrecy:
PFS is an additional security protocol.
After complete the basic settings and click Save/Apply in both
Device1
and
Device2
, PCs in LAN1
could communicate with PCs in remote LAN2. (For example: You can ping the IP address of PC2
which is 192.168.2.100 in PC1)
Note:
The VPN Servers Endpoint from both ends must use the same pre-shared keys and Perfect
Forward Secrecy settings.
Page 49 / 127
Archer
D5
AC1200 Wireless Dual Band Gigabit ADSL2+ Modem Router User Guide
38
Click
Show Advanced Settings
and then you can configure the Advanced Settings.
We
recommend you leave the Advanced Settings as default value.
Figure 4-23
Mode:
Select
Main Mode
to configure the standard negotiation parameters for IKE
phase1.Select
Aggressive Mode
to configure IKE phase1 of the VPN Tunnel to carry out
negotiation in a shorter amount of time. (Not Recommended-Less Secure)
Note:
The difference between the two modes is that aggressive mode will pass more information in
fewer packets, with the benefit of slightly faster connection establishment, at the cost of
transmitting the identities of the security firewall in the clear. When using aggressive mode, some
configuration parameters such as Diffie-Hellman groups and PFS can not be negotiated, resulting
in a greater importance of having "compatible" configuration on both ends.
Key Life Time:
Enter the number of seconds for the IPSec lifetime. It is the period of time to
pass before establishing a new IPSec security association (SA) with the remote endpoint. The
default value is 3600.
Note:
If you want to change the default settings of
Advanced Settings
, please make sure that both VPN
server endpoints use the same Encryption Algorithm, Integrity Algorithm, Diffie-Hellman Group
and Key Life time in both
phase1
and
phase2
.
4.6 IPTV
Choose “
IPTV
”, and you will see the screen as shown in Figure 4-24.
Page 50 / 127
Archer
D5
AC1200 Wireless Dual Band Gigabit ADSL2+ Modem Router User Guide
39
Figure 4-24
Enable IPTV:
Check the box to enable IPTV function.
VPI (0~255):
Identifies the virtual path between endpoints in an ATM network. The valid range
is from 0 to 255. Please input the value provided by your ISP.
VCI (1~65535):
Identifies the virtual channel endpoints in an ATM network. The valid range is
from 1 to 65535 (1 to 31 is reserved for well-known protocols). Please input the value
provided by your ISP.
Click the
Save
button to save your settings.
4.7 DHCP Server
Choose “
DHCP Server
”, you can see the next submenus:
Click any of them, and you will be able to configure the corresponding function.
4.7.1
DHCP Settings
Choose menu “
DHCP Server
DHCP Settings
”, you can configure the DHCP Server on the
page as shown in Figure 4-25.The modem router is set up by default as a DHCP (Dynamic Host
Configuration Protocol) server, which provides the TCP/IP configuration for all the PC(s) that are
connected to the modem router on the LAN.

Rate

4.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top